Re: It's time for those 2048-, 3072-, and 4096-bit keys?
From: Zvezdan Petkovic (zvezdan@CS.WM.EDU)
Date: 04/01/02
- Next message: Darren Reed: "Re: pf OR ipf ?"
- Previous message: andy@sambolian.net.nz: "Re: Why update the world because of OpenSSH?"
- In reply to: Jason Stone: "Re: It's time for those 2048-, 3072-, and 4096-bit keys?"
- Next in thread: Dag-Erling Smorgrav: "Re: It's time for those 2048-, 3072-, and 4096-bit keys?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 1 Apr 2002 05:38:00 -0500 From: Zvezdan Petkovic <zvezdan@CS.WM.EDU> To: freebsd-security@FreeBSD.ORG
On Mon, Apr 01, 2002 at 12:28:30AM -0800, Jason Stone wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> > > Well, for one, the fact that you can't copy from one remote host to
> > > another.
> >
> > Wrong, you _CAN_ copy between two remote hosts.
> > scp man page says in the second paragraph of DESCRIPTION:
> >
> > Any file name may contain a host and user specification to indicate that
> > the file is to be copied to/from that host. Copies between two remote
> > hosts are permitted.
> >
> > scp my.office.machine:file.pdf my.home.machine:
>
> Yes, but it's not what you think - when you did this, what actually
> happened was that the client on the machine you started from did:
> ssh my.office.machine "scp file.pdf my.home.machine:"
> That is to say, you really just copied the file from office to home
> without it ever touching the machine in the middle. So if the two end
> machines can't see each other, this won't work. And if you can't arrange
> to get the password/key/passphrase for the home machine from the middle
> machine to the office machine, this won't work.
>
>
> -Jason
>
Correct. Remember though that the original post was that scp man page is
not clear enough. I just tried to show that it is quite clear and
correct. Setting the keys correctly is another matter, but my opinion is
that it is quite clear too for people who read documentation carefully.
Also, the first person in the quote above doesn't claim that copy has
to be over the middle machine. But again, you pointed correctly that if
these two machines do not allow direct connection to each other then the
copying wouldn't work. I don't think scp man page wanted to imply that
it would.
-- Zvezdan Petkovic <zvezdan@cs.wm.edu> http://www.cs.wm.edu/~zvezdan/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
- Next message: Darren Reed: "Re: pf OR ipf ?"
- Previous message: andy@sambolian.net.nz: "Re: Why update the world because of OpenSSH?"
- In reply to: Jason Stone: "Re: It's time for those 2048-, 3072-, and 4096-bit keys?"
- Next in thread: Dag-Erling Smorgrav: "Re: It's time for those 2048-, 3072-, and 4096-bit keys?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
